Privacy Policy

Last updated: July 2, 2026

Sommate (“we,” “our,” or “us”) operates the Sommate mobile application. This Privacy Policy explains how we collect, use, and protect your information when you use our app.

Information We Collect

Information You Provide

  • Account information: Email address and password when you create an account
  • Wine reviews: Ratings, tasting notes, and characteristics you enter when reviewing wines
  • Taste preferences: Flavor profiles and wine preferences you provide during onboarding or update over time

Information Collected Automatically

  • Photos: Images you capture of wine labels or restaurant menus for analysis. These are processed by our AI system and may be stored in your account history.
  • Usage data: Features you use, screens you visit, and actions you take within the app
  • Diagnostic & crash data: When the app encounters an error we collect technical diagnostics (device model, OS version, and a crash report) to fix bugs. This is not used to identify you.
  • Affiliate link interactions: When you tap a “Find this wine” link, we record that click to track affiliate program performance. No personal identity is attached to these clicks.

How We Use Your Information

  • Email and password — account creation and login
  • Wine photos — AI-powered label identification and menu parsing
  • Review data — building your personal wine history and taste profile
  • Taste preferences — personalizing recommendations
  • Usage data — improving app features and fixing bugs
  • Affiliate clicks — tracking partner program performance

Third-Party Services

We use the following third-party services that may process your data:

  • Supabase — Our backend database and authentication provider. Stores your account, reviews, and photos. Privacy Policy
  • Anthropic (Claude) — Our AI provider. Wine photos and text you submit are sent to Anthropic's Claude API to read wine labels and menus and to generate recommendations, pairings, and wine information. Anthropic does not train its models on data submitted through its API. Privacy Policy
  • Google Cloud Vision / ML Kit — Used to read text from wine labels and menus (on-device where possible, with the Cloud Vision API as a fallback). Privacy Policy
  • PostHog — Product analytics. Records the usage events described above to help us understand and improve how the app is used. Privacy Policy
  • Sentry — Crash and error reporting. Receives the diagnostic and crash data described above when the app hits an error. Privacy Policy
  • Resend — Email delivery. Used to send account and product emails to your email address. Privacy Policy
  • Wine.com (via Impact) — Affiliate partner. When you tap a Wine.com link, your click is tracked by the affiliate network. Privacy Policy

Data Retention

Your account data is retained as long as your account exists. Wine photos may be stored in your account history for label identification purposes. You can permanently delete your account and all associated data at any time from within the app (Settings → Delete Account), or by contacting us at matt@sommate.ai.

Children's Privacy

Sommate is intended for users who are of legal drinking age in their country or region. We do not knowingly collect information from minors. If you believe a minor has provided us with personal information, please contact us immediately.

Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Withdraw consent at any time

To exercise any of these rights, contact us at matt@sommate.ai.

Restaurant Accounts

If you sign up as a restaurant to use the Sommate restaurant portal, we additionally collect the business information you provide — your restaurant's name, location, and the wine menus you upload — and the account email of the person managing it. We show you privacy-protected analytics about how diners interact with your wine list; these analytics never expose an individual diner's identity, email, or personal review history to you. If you close your restaurant account, your restaurant is deactivated and removed from the app; the permanent link behind your printed QR codes stops serving recommendations rather than pointing anywhere unexpected.

Your Regional Rights (GDPR & CCPA/CPRA)

Depending on where you live, you may have additional rights over your personal data:

  • EEA/UK (GDPR): You may access, correct, export (portability), or erase your data, and object to or restrict certain processing. Our legal bases are your consent (which you can withdraw at any time) and the performance of our contract to provide the app to you.
  • California (CCPA/CPRA): You may request access to or deletion of your personal information and are entitled to non-discrimination for exercising these rights.
  • We do not sell or share your personal information for cross-context behavioral advertising, and we do not use it for targeted advertising.

To exercise any of these rights, delete your account in the app (Settings → Delete Account) or email us at matt@sommate.ai. We respond within the timeframe required by applicable law.

Data Security

We use industry-standard security measures including encrypted storage, secure HTTPS transmission, and access controls. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy, contact us at:

Email: matt@sommate.ai
Website: sommate.ai